08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
SITA LAB PPT (XYBER CRIME)
1. Combating Cyber crimes-Combating Cyber crimes-
Law &Law &
Enforcement in IndiaEnforcement in India
Seminar on Information Technology Acts
Submitted to :
Mr. Pranjal Bansal
BY:
Vishal Soni
4th
year / 8th
Sem
Computer Engineering
08CE97
2. Introduction to CyberIntroduction to Cyber
crimecrime
Computer CrimeComputer Crime ,, E-E-
CrimeCrime,, Hi-Tech CrimeHi-Tech Crime oror
Electronic CrimeElectronic Crime isis
where awhere a computercomputer is theis the
target of atarget of a crimecrime or is theor is the
means adopted to commit ameans adopted to commit a
crime.crime.
Most of these crimes areMost of these crimes are
not new. Criminals simplynot new. Criminals simply
devise different ways todevise different ways to
undertake standard criminalundertake standard criminal
activities such asactivities such as fraudfraud,,
theft, blackmail, forgery,theft, blackmail, forgery,
and embezzlement usingand embezzlement using
the new medium, oftenthe new medium, often
involving the Internetinvolving the Internet
3. Computer vulnerabilityComputer vulnerability
Computers store huge amounts of data in small spacesComputers store huge amounts of data in small spaces
Ease of accessEase of access
Complexity of technologyComplexity of technology
Human errorHuman error
One of the key elements that keeps most members of any societyOne of the key elements that keeps most members of any society
honest is fear of being caught — the deterrence factor. Cyberspacehonest is fear of being caught — the deterrence factor. Cyberspace
changes two of those rules. First, it offers the criminal an opportunitychanges two of those rules. First, it offers the criminal an opportunity
of attacking his victims from the remoteness of a different continentof attacking his victims from the remoteness of a different continent
and secondly, the results of the crime are not immediately apparent.and secondly, the results of the crime are not immediately apparent.
Need new laws and upgraded technology to combat cyber crimesNeed new laws and upgraded technology to combat cyber crimes
4. Types of Cyber crimesTypes of Cyber crimes
Credit card fraudsCredit card frauds
Cyber pornographyCyber pornography
Sale of illegal articles-Sale of illegal articles-
narcotics, weapons, wildlifenarcotics, weapons, wildlife
Online gamblingOnline gambling
Intellectual Property crimes-Intellectual Property crimes-
software piracy, copyrightsoftware piracy, copyright
infringement, trademarksinfringement, trademarks
violations, theft of computerviolations, theft of computer
source codesource code
Email spoofingEmail spoofing
ForgeryForgery
DefamationDefamation
Cyber stalking (section 509Cyber stalking (section 509
IPC)IPC)
PhisingPhising
Cyber terrorismCyber terrorism
Crime against persons
Crime against Government
Crime against property
5. Computer VirusesComputer Viruses
VirusesViruses
A computer virus is aA computer virus is a
computer program thatcomputer program that
can infect othercan infect other
computer programs bycomputer programs by
modifying them in suchmodifying them in such
a way as to include aa way as to include a
(possibly evolved) copy(possibly evolved) copy
of it. Note that aof it. Note that a
program does not haveprogram does not have
to perform outrightto perform outright
damage (such asdamage (such as
deleting or corruptingdeleting or corrupting
files) in order to befiles) in order to be
called a "virus".called a "virus".
Viruses
File
infectors
Boot record
infectors
Boot and
file
viruses
7. Combating cyber crimesCombating cyber crimes
Technological measures-Technological measures-
Public key cryptography,Public key cryptography,
Digital signatures ,Firewalls,Digital signatures ,Firewalls,
honey potshoney pots
Cyber investigation-Cyber investigation-
Computer forensics is theComputer forensics is the
process of identifying,process of identifying,
preserving, analyzing andpreserving, analyzing and
presenting digital evidence inpresenting digital evidence in
a manner that is legallya manner that is legally
acceptable in courts of law.acceptable in courts of law.
These rules of evidenceThese rules of evidence
include admissibility (ininclude admissibility (in
courts), authenticity (relationcourts), authenticity (relation
to incident), completeness,to incident), completeness,
reliability and believability.reliability and believability.
Legal framework-laws &Legal framework-laws &
enforcementenforcement
8. International initiativesInternational initiatives
Representatives from the 26Representatives from the 26
Council of Europe members, theCouncil of Europe members, the
United States, Canada, Japan andUnited States, Canada, Japan and
South Africa in 2001 signed aSouth Africa in 2001 signed a
convention on cybercrime in effortsconvention on cybercrime in efforts
to enhance internationalto enhance international
cooperation in combatingcooperation in combating
computer-based crimes.computer-based crimes.
TheThe Convention on CybercrimeConvention on Cybercrime,,
drawn up by experts of the Councildrawn up by experts of the Council
of Europe, is designed toof Europe, is designed to
coordinate these countries' policiescoordinate these countries' policies
and laws on penalties on crimes inand laws on penalties on crimes in
cyberspace, define the formulacyberspace, define the formula
guaranteeing the efficientguaranteeing the efficient
operation of the criminal andoperation of the criminal and
judicial authorities, and establishjudicial authorities, and establish
an efficient mechanism foran efficient mechanism for
international cooperation.international cooperation.
In 1997, TheIn 1997, The G-8 MinistersG-8 Ministers agreedagreed
to ten "Principles to Combat High-to ten "Principles to Combat High-
Tech Crime" and an "Action PlanTech Crime" and an "Action Plan
to Combat High-Tech Crimeto Combat High-Tech Crime."."
Main objectives-Main objectives-
Create effective cyber crimeCreate effective cyber crime
lawslaws
Handle jurisdiction issuesHandle jurisdiction issues
Cooperate in internationalCooperate in international
investigationsinvestigations
Develop acceptableDevelop acceptable
practices for search andpractices for search and
seizureseizure
Establish effectiveEstablish effective
public/private sectorpublic/private sector
interactioninteraction
9. Frequency of incidents of Cyber crimes in India
Source: Survey conducted by ASCL
Denial of Service: Section
43
Virus: Section: 66, 43
Data Alteration: Sec. 66
U/A Access: Section 43
Email Abuse: Sec. 67,
500, Other IPC Sections
Data Theft: Sec 66, 65
99
11. 11
Number of Indian sites hacked
Site of BARC-panic all around
0
6
12
25
0
5
10
15
20
25
1998 1999 2000 2001
12. 2001 CSI/FBI Computer Crime and Security Survey
Of the organizations suffering security compromises in the last
year– 95% had Firewalls and 61%had IDSs
981009896Anti-virus software
90929389Access Control
%%%%
SECURITY TECHNOLOGIES
USED
64626150Encrypted Files
95789181Firewalls
61504235Intrusion Detection Systems
2001200019991998
•False sense of security – “We already have a Firewall”
12
13. What is India inc’s biggestWhat is India inc’s biggest
threat?threat?
Cyber crime is now a bigger threat to India Inc thanCyber crime is now a bigger threat to India Inc than
physical crime. In a recent survey by IBM, a greaterphysical crime. In a recent survey by IBM, a greater
number of companies (44%) listed cyber crime as anumber of companies (44%) listed cyber crime as a
bigger threat to their profitability than physical crimebigger threat to their profitability than physical crime
(31%).(31%).
The cost of cyber crime stems primarily from loss ofThe cost of cyber crime stems primarily from loss of
revenue, loss of market capitalisation, damage torevenue, loss of market capitalisation, damage to
the brand, and loss of customers, in that order.the brand, and loss of customers, in that order.
About 67% local Chief Information Officers (CIOs)About 67% local Chief Information Officers (CIOs)
who took part in the survey perceived cyber crimewho took part in the survey perceived cyber crime
as more costly, compared to the global benchmarkas more costly, compared to the global benchmark
of 50%.of 50%.
14. Combating Cyber crime-Combating Cyber crime-
Indian legal frameworkIndian legal framework
Information Technology Act, 2000-came into force on 17Information Technology Act, 2000-came into force on 17
October 2000October 2000
Extends to whole of India and also applies to any offence orExtends to whole of India and also applies to any offence or
contravention there under committed outside India by anycontravention there under committed outside India by any
person {section 1 (2)}person {section 1 (2)}
read with Section 75- Act applies to offence or contraventionread with Section 75- Act applies to offence or contravention
committed outside Indiacommitted outside India by any personby any person irrespective of hisirrespective of his
nationality,nationality, if such act involves a computer, computer systemif such act involves a computer, computer system
oror network located in Indianetwork located in India
Section 2 (1) (a) –”Access” means gaining entry intoSection 2 (1) (a) –”Access” means gaining entry into
,instructing or communicating with the logical, arithmetic or,instructing or communicating with the logical, arithmetic or
memory function resources of a computer, computermemory function resources of a computer, computer
resource or networkresource or network
IT Act confers legal recognition to electronic records andIT Act confers legal recognition to electronic records and
digital signatures (section 4,5 of the IT Act,2000)digital signatures (section 4,5 of the IT Act,2000)
15. Civil Wrongs under ITCivil Wrongs under IT
ActAct
Chapter IX of IT Act, Section 43Chapter IX of IT Act, Section 43
WhoeverWhoever without permissionwithout permission of owner of theof owner of the
computercomputer
– Secures access (mere U/A access)Secures access (mere U/A access)
Not necessarily through a networkNot necessarily through a network
– Downloads, copies, extracts any dataDownloads, copies, extracts any data
– Introduces or causes to be introduced any viruses orIntroduces or causes to be introduced any viruses or
contaminantcontaminant
– Damages or causes to be damaged any computerDamages or causes to be damaged any computer
resourceresource
Destroy, alter, delete, add, modify or rearrangeDestroy, alter, delete, add, modify or rearrange
Change the format of a fileChange the format of a file
– Disrupts or causes disruption of any computer resourceDisrupts or causes disruption of any computer resource
Preventing normal continuance ofPreventing normal continuance of
16. – Denies or causes denial of access by any meansDenies or causes denial of access by any means
Denial of service attacksDenial of service attacks
– Assists any person to do any thing aboveAssists any person to do any thing above
Rogue Websites, Search Engines, Insiders providingRogue Websites, Search Engines, Insiders providing
vulnerabilitiesvulnerabilities
– Charges the services availed by a person to theCharges the services availed by a person to the
account of another person by tampering oraccount of another person by tampering or
manipulating any computer resourcemanipulating any computer resource
Credit card frauds, Internet time theftsCredit card frauds, Internet time thefts
– Liable to pay damages not exceeding Rs. OneLiable to pay damages not exceeding Rs. One
crore to the affected partycrore to the affected party
– Investigation byInvestigation by
– ADJUDICATING OFFICERADJUDICATING OFFICER
– Powers of a civil courtPowers of a civil court
17. Section 65: Source CodeSection 65: Source Code
Most important asset of software companiesMost important asset of software companies
““Computer Source Code" means the listingComputer Source Code" means the listing
of programmes, computer commands,of programmes, computer commands,
design and layoutdesign and layout
IngredientsIngredients
– Knowledge or intentionKnowledge or intention
– Concealment, destruction, alterationConcealment, destruction, alteration
– computer source code required to be kept orcomputer source code required to be kept or
maintained by lawmaintained by law
PunishmentPunishment
– imprisonment up to three years and / orimprisonment up to three years and / or
– fine up to Rs. 2 lakhfine up to Rs. 2 lakh
18. Section 66: Hacking
• Ingredients
– Intention or Knowledge to cause wrongful loss
or damage to the public or any person
– Destruction, deletion, alteration, diminishing
value or utility or injuriously affecting
information residing in a computer resource
• Punishment
– imprisonment up to three years, and / or
– fine up to Rs. 2 lakh
• Cognizable, Non Bailable,
18
Section 66 covers data theft aswell as data alterationSection 66 covers data theft aswell as data alteration
19. Sec. 67. PornographySec. 67. Pornography
IngredientsIngredients
– Publishing or transmitting or causing to be publishedPublishing or transmitting or causing to be published
– in the electronic form,in the electronic form,
– Obscene materialObscene material
PunishmentPunishment
– On first convictionOn first conviction
imprisonment of either description up to five years andimprisonment of either description up to five years and
fine up to Rs. 1 lakhfine up to Rs. 1 lakh
– On subsequent convictionOn subsequent conviction
imprisonment of either description up to ten years andimprisonment of either description up to ten years and
fine up to Rs. 2 lakhfine up to Rs. 2 lakh
Section coversSection covers
– Internet Service Providers,Internet Service Providers,
– Search engines,Search engines,
– Pornographic websitesPornographic websites
Cognizable, Non-Bailable, JMIC/ Court of SessionsCognizable, Non-Bailable, JMIC/ Court of Sessions
20. Sec 69: Decryption ofSec 69: Decryption of
informationinformation
IngredientsIngredients
– Controller issues order to Government agency toController issues order to Government agency to
intercept any information transmitted through anyintercept any information transmitted through any
computer resource.computer resource.
– Order is issued in the interest of theOrder is issued in the interest of the
sovereignty or integrity of India,sovereignty or integrity of India,
the security of the State,the security of the State,
friendly relations with foreign States,friendly relations with foreign States,
public order orpublic order or
preventing incitement for commission of a cognizablepreventing incitement for commission of a cognizable
offenceoffence
– Person in charge of the computer resource fails toPerson in charge of the computer resource fails to
extend all facilities and technical assistance toextend all facilities and technical assistance to
decrypt the information-punishment upto 7 years.decrypt the information-punishment upto 7 years.
21. Sec 70 Protected SystemSec 70 Protected System
IngredientsIngredients
– Securing unauthorised access or attempting toSecuring unauthorised access or attempting to
secure unauthorised accesssecure unauthorised access
– to ‘protected system’to ‘protected system’
Acts covered by this section:Acts covered by this section:
– Switching computer on / offSwitching computer on / off
– Using installed software / hardwareUsing installed software / hardware
– Installing software / hardwareInstalling software / hardware
– Port scanningPort scanning
PunishmentPunishment
– Imprisonment up to 10 years and fineImprisonment up to 10 years and fine
Cognizable, Non-Bailable, Court of SessionsCognizable, Non-Bailable, Court of Sessions
22. Cyber crimes punishableCyber crimes punishable
under various Indianunder various Indian
lawslaws Sending pornographic or obscene emails are punishable under Section 67 of the IT Act.
An offence under this section is punishable on first conviction with imprisonment for a
term, which may extend to five years and with fine, which may extend to One lakh
rupees.
In the event of a second or subsequent conviction the recommended punishment is
imprisonment for a term, which may extend to ten years and also with fine which may
extend to Two lakh rupees.
Emails that are defamatory in nature are punishable under Section 500 of the Indian
Penal Code (IPC), which recommends an imprisonment of upto two years or a fine or
both.
Threatening emails are punishable under the provisions of the IPC pertaining to criminal
intimidation, insult and annoyance (Chapter XXII), extortion (Chapter XVII)
Email spoofing
Email spoofing is covered under provisions of the IPC relating to
fraud, cheating by personation (Chapter XVII), forgery (Chapter XVIII)
23. Arms ActOnline sale of Arms
Sec. 383 IPCWeb-Jacking
NDPS ActOnline sale of Drugs
Sec 416, 417, 463 IPCEmail spoofing
Sec 420 IPCBogus websites, cyber frauds
Sec 463, 470, 471 IPCForgery of electronic records
Sec 499, 500 IPCSending defamatory messages by email
Sec 503 IPCSending threatening messages by email
Computer Related Crimes under IPC
and Special Laws
23
24. Better EnforcementBetter Enforcement
initiativesinitiatives
Mumbai Cyber lab is a joint initiative of Mumbai police andMumbai Cyber lab is a joint initiative of Mumbai police and
NASSCOM –more exchange and coordination of this kindNASSCOM –more exchange and coordination of this kind
Suggested amendments to the IT Act,2000-new provisions forSuggested amendments to the IT Act,2000-new provisions for
child pornography, etcchild pornography, etc
More Public awareness campaignsMore Public awareness campaigns
Training of police officers to effectively combat cyber crimesTraining of police officers to effectively combat cyber crimes
More Cyber crime police cells set up across the countryMore Cyber crime police cells set up across the country
Effective E-surveillanceEffective E-surveillance
Websites aid in creating awareness and encouragingWebsites aid in creating awareness and encouraging
reporting of cyber crime cases.reporting of cyber crime cases.
Specialised Training of forensic investigators and expertsSpecialised Training of forensic investigators and experts
Active coordination between police and other law enforcementActive coordination between police and other law enforcement
agencies and authorities is required.agencies and authorities is required.